Univention Bugzilla – Bug 54344
ghostscript: Multiple issues (4.4)
Last modified: 2022-01-19 13:44:26 CET
New Debian ghostscript 9.26a~dfsg-0+deb9u8 fixes: This update addresses the following issues: * Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). (CVE-2021-45944) * Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). (CVE-2021-45949)
--- mirror/ftp/4.4/unmaintained/4.4-6/source/ghostscript_9.26a~dfsg-0+deb9u7.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/ghostscript_9.26a~dfsg-0+deb9u8.dsc @@ -1,3 +1,13 @@ +9.26a~dfsg-0+deb9u8 [Fri, 14 Jan 2022 21:07:20 +0100] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Fix CVE-2021-45949: + Ghostscript GhostPDL has a heap-based buffer overflow in + sampled_data_finish (called from sampled_data_continue and interp). + * Fix CVE-2021-45944: + Ghostscript GhostPDL 9.50 has a use-after-free in + sampled_data_sample (called from sampled_data_continue and interp). + 9.26a~dfsg-0+deb9u7 [Thu, 20 Aug 2020 16:04:00 +0200] Sylvain Beucler <beuc@debian.org>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/4.4-8/#3440152646185224608>
OK: yaml OK: announce_errata OK: patch OK: piuparts [remotes/origin/4.4-8] aafe57e29a Bug #54344: ghostscript 9.26a~dfsg-0+deb9u8 doc/errata/staging/ghostscript.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) [remotes/origin/4.4-8] a399ed4753 Bug #54344: ghostscript 9.26a~dfsg-0+deb9u8 doc/errata/staging/ghostscript.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] 1774f9fc0e Bug #54344: ghostscript 9.26a~dfsg-0+deb9u8 doc/errata/staging/ghostscript.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) [4.4-8] aafe57e29a Bug #54344: ghostscript 9.26a~dfsg-0+deb9u8 doc/errata/staging/ghostscript.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) [4.4-8] a399ed4753 Bug #54344: ghostscript 9.26a~dfsg-0+deb9u8 doc/errata/staging/ghostscript.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1152>